<?php

	session_start();
	
	if($_GET['session']=="destroy"){
		session_destroy();
		echo '<script> window.location=" '.$_SERVER['PHP_SELF'].' "; </script>';
	}
	
	require("header.php");
	require("navigation.php");
	require("class.php");
	
if ($_POST['Submit'] == 'Submit') {
	
	$username=$_POST[username];
	$password=$_POST[password];
	$search="SELECT * FROM users WHERE username='".$username."' && password='".$password."'";
	
	$con = mysql_connect("localhost","root","");
	if (!$con)
	{
		die('Could not connect: ' . mysql_error());
	}
	
	$db_selected = mysql_select_db('comic_store', $con);
	if (!$db_selected) {
   		die ('Can\'t use root : ' . mysql_error());
	}

	$result = mysql_query($search);
	if (!$result) {
		echo "wrong username or password";
	}
	
	else{
		
		while ($row = mysql_fetch_assoc($result)) {
			$_SESSION['user_type']=$row['type'];
			$_SESSION['user_id']=$row['id'];
			echo '<script> window.location=" '.$_SERVER['PHP_SELF'].' "; </script>';
		}
	}
}

?>

<?php

if ($_SESSION['user_type'] == '1') {
	include 'customer/index.php';
}

else if ($_SESSION['user_type'] == '0') {
	include 'admin/index.php';
}

else {

?>

<h1>Log in to reserve your comics</h1>

<form action="index.php" method="post">
	Username:<input type="text" name="username"/>
	Password:<input type="password" name="password"/>
	<input type="submit" name="Submit" value="Submit"/>
</form>

<?php
}

    require("footer.php");
    
?>